urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
2603:1036:3000:10::5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://portal.laadpunt.nl/
Effective URL: https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3...
Submission: On March 22 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 1 countries across 9 domains to perform 51 HTTP transactions. The main IP is 2603:1036:3000:10::5, located in and belongs to . The main domain is login.microsoftonline.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 7th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    142.250.80.51 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f19.1e100.net
portal.laadpunt.nl
4    2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
25    2600:1901:0:e3b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
api.tribecrm.nl
auth.tribecrm.nl
1    2606:4700:e4::ac40:ac03 (None, )

ASN- ()
flagcdn.com
3    2607:f8b0:4006:822::2003 (None, )

ASN- ()
fonts.gstatic.com
2    2603:1036:3000:10::5 (None, )

ASN- ()
login.microsoftonline.com
8    2603:1062:10:25::1 (None, )

ASN- ()
aadcdn.msauth.net
1    20.190.151.133 (None, )

ASN- ()
login.live.com
Domain Requested by
17 api.tribecrm.nl portal.laadpunt.nl
8 aadcdn.msauth.net login.microsoftonline.com
aadcdn.msauth.net
8 auth.tribecrm.nl 2 redirects portal.laadpunt.nl
auth.tribecrm.nl
8 portal.laadpunt.nl portal.laadpunt.nl
4 fonts.googleapis.com portal.laadpunt.nl
auth.tribecrm.nl
3 fonts.gstatic.com fonts.googleapis.com
2 login.microsoftonline.com auth.tribecrm.nl
aadcdn.msauth.net
1 login.live.com login.microsoftonline.com
1 flagcdn.com
0 aadcdn.msauthimages.net Failed
51 10

This site contains no links.

Subject Issuer Validity Valid
portal.laadpunt.nl
GTS CA 1D4		 2024-03-19 -
2024-06-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.tribecrm.nl
Sectigo RSA Organization Validation Secure Server CA		 2024-01-02 -
2025-01-24		 a year crt.sh
flagcdn.com
GTS CA 1P5		 2024-02-25 -
2024-05-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2024-03-07 -
2025-03-07		 a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2024-01-29 -
2025-01-29		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2024-02-07 -
2025-02-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3-297a-438e-bafa-5c70dbff7e3e&redirect_uri=https%3A%2F%2Fauth.tribecrm.nl%2Fstrategy%2Fopenidconnect%2Fcallback&scope=openid&state=YCjJ4F2FTRPC0s3xRrp7kQHf&sso_reload=true
Frame ID: 263085D93FEF8BABCE6F66CA206935FF
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://portal.laadpunt.nl/ Page URL
  2. https://auth.tribecrm.nl/oauth2/auth?client_id=54fb5655-1359-4d7e-9187-bde1474538da&redirect_uri=http... HTTP 302
    https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7 Page URL
  3. https://auth.tribecrm.nl/strategy/openidconnect?username=undefined&organizationId=dc8dcde7-6fdd-47e2-... HTTP 302
    https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=cod... Page URL
  4. https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=cod... Page URL

Page Statistics

51
Requests

98 %
HTTPS

75 %
IPv6

9
Domains

10
Subdomains

9
IPs

1
Countries

4750 kB
Transfer

14539 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://portal.laadpunt.nl/ Page URL
  2. https://auth.tribecrm.nl/oauth2/auth?client_id=54fb5655-1359-4d7e-9187-bde1474538da&redirect_uri=https%3A%2F%2Fportal.laadpunt.nl%2Fauth%2Fcallback&response_type=code&scope=openid%20read&state=9eba0983-8787-432f-aaa1-34de46e0c7df%7C%2F%7C%7C&organization_id=dc8dcde7-6fdd-47e2-86d7-c59c8c786d85&portal_id=adfcc8ab-8e72-41f6-8360-adfd9f032821&language_code=EN HTTP 302
    https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7 Page URL
  3. https://auth.tribecrm.nl/strategy/openidconnect?username=undefined&organizationId=dc8dcde7-6fdd-47e2-86d7-c59c8c786d85 HTTP 302
    https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3-297a-438e-bafa-5c70dbff7e3e&redirect_uri=https%3A%2F%2Fauth.tribecrm.nl%2Fstrategy%2Fopenidconnect%2Fcallback&scope=openid&state=YCjJ4F2FTRPC0s3xRrp7kQHf Page URL
  4. https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3-297a-438e-bafa-5c70dbff7e3e&redirect_uri=https%3A%2F%2Fauth.tribecrm.nl%2Fstrategy%2Fopenidconnect%2Fcallback&scope=openid&state=YCjJ4F2FTRPC0s3xRrp7kQHf&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://auth.tribecrm.nl/oauth2/auth?client_id=54fb5655-1359-4d7e-9187-bde1474538da&redirect_uri=https%3A%2F%2Fportal.laadpunt.nl%2Fauth%2Fcallback&response_type=code&scope=openid%20read&state=9eba0983-8787-432f-aaa1-34de46e0c7df%7C%2F%7C%7C&organization_id=dc8dcde7-6fdd-47e2-86d7-c59c8c786d85&portal_id=adfcc8ab-8e72-41f6-8360-adfd9f032821&language_code=EN HTTP 302
  • https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
Request Chain 39
  • https://auth.tribecrm.nl/strategy/openidconnect?username=undefined&organizationId=dc8dcde7-6fdd-47e2-86d7-c59c8c786d85 HTTP 302
  • https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3-297a-438e-bafa-5c70dbff7e3e&redirect_uri=https%3A%2F%2Fauth.tribecrm.nl%2Fstrategy%2Fopenidconnect%2Fcallback&scope=openid&state=YCjJ4F2FTRPC0s3xRrp7kQHf

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
portal.laadpunt.nl/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.laadpunt.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.51 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f19.1e100.net
Software
Google Frontend / Express
Resource Hash
e889390fe2305dd065756a0fb443395225015ad29d5cc9515cccbcff50824933
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-/dnQucuFdLWRNxXSqMlA9Q==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode-block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, max-age=0
content-encoding
gzip
content-length
590
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-/dnQucuFdLWRNxXSqMlA9Q==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 22 Mar 2024 17:30:15 GMT
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
referrer-policy
no-referrer-when-downgrade
server
Google Frontend
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-cloud-trace-context
c4d3995b3d6fec95bdb277c4545ef91b
x-content-type-options
nosniff
x-powered-by
Express
x-xss-protection
1;mode-block
css
fonts.googleapis.com/ 		1 KB
848 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Material+Icons|Material+Icons+Outlined
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46ce4b49297a7b60d67e831c05370a9b9bfbda619fca005ffba5a03ab632a00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://portal.laadpunt.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Mar 2024 17:30:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 17:30:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Mar 2024 17:30:16 GMT
css
fonts.googleapis.com/ 		9 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:200,300,400,500,600,700
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://portal.laadpunt.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Mar 2024 17:30:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 17:30:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Mar 2024 17:30:16 GMT
9.dd4ee04a.chunk.css
portal.laadpunt.nl/static/css/ 		398 KB
76 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.laadpunt.nl/static/css/9.dd4ee04a.chunk.css
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.51 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f19.1e100.net
Software
Google Frontend / Express
Resource Hash
6628f5eb6eabdd699b7bffbbc15dc6a04e27dc26629a73e3b8f84858b6d33421
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-BbxHlqM/fICB88IdGQcSzw==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode-block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://portal.laadpunt.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-BbxHlqM/fICB88IdGQcSzw==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 17:30:16 GMT
content-encoding
gzip
x-powered-by
Express
content-length
76998
x-xss-protection
1;mode-block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
etag
W/"63837-49773873e8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-cloud-trace-context
d01c62683979d3c01ceecb140adb3d8e
cache-control
public, max-age=0
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
main.4bb1e345.chunk.css
portal.laadpunt.nl/static/css/ 		150 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.laadpunt.nl/static/css/main.4bb1e345.chunk.css
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.51 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f19.1e100.net
Software
Google Frontend / Express
Resource Hash
c45e112c4ef9f369bc67cf449176fba98e2c01e604f887fe38084305e0e92711
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-EwGRdKNmrVCN4kwvz22HVg==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode-block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://portal.laadpunt.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-EwGRdKNmrVCN4kwvz22HVg==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 17:30:16 GMT
content-encoding
gzip
x-powered-by
Express
content-length
38839
x-xss-protection
1;mode-block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
etag
W/"25892-49773873e8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-cloud-trace-context
a5dff47e94d7bf3b889863b3f95b52be
cache-control
public, max-age=0
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
runtime-main.d4cbbddf.js
portal.laadpunt.nl/static/js/ 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.laadpunt.nl/static/js/runtime-main.d4cbbddf.js
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.51 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f19.1e100.net
Software
Google Frontend / Express
Resource Hash
5e36a2f95b51815233bbedaca8447b92ee0f8f34c4c3d9b450b2173c5b6e28cc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-twL6id89Ld7trW64MEimSw==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode-block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://portal.laadpunt.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-twL6id89Ld7trW64MEimSw==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 17:30:17 GMT
content-encoding
gzip
x-powered-by
Express
content-length
7997
x-xss-protection
1;mode-block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
etag
W/"4d84-49773873e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
0d2f155fd3dd2ab282ebe2be44cb6df3
cache-control
public, max-age=0
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
9.789e8312.chunk.js
portal.laadpunt.nl/static/js/ 		7 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.laadpunt.nl/static/js/9.789e8312.chunk.js
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.51 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f19.1e100.net
Software
Google Frontend / Express
Resource Hash
9d9e2b1b1b516dd0e39ff9ebc6c9ced112bf424ea28b8b4030f2d336e968a0a0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-y8hYQuboWXlRMWrtzAfSVA==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode-block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://portal.laadpunt.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-y8hYQuboWXlRMWrtzAfSVA==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 17:30:17 GMT
content-encoding
gzip
x-powered-by
Express
content-length
2528498
x-xss-protection
1;mode-block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
etag
W/"6f9bd3-49773873e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
b7a4dc4e23ba7dffea890cd156dd2658
cache-control
public, max-age=0
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
main.2e7f72ed.chunk.js
portal.laadpunt.nl/static/js/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.laadpunt.nl/static/js/main.2e7f72ed.chunk.js
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.51 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f19.1e100.net
Software
Google Frontend / Express
Resource Hash
f77727e8faa05a45342eb5f6ec3be19351414480199f9c5768044fc294ff993a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-6LNZa+/yBn0MfBkb8sedxQ==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode-block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://portal.laadpunt.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-6LNZa+/yBn0MfBkb8sedxQ==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 17:30:17 GMT
content-encoding
gzip
x-powered-by
Express
content-length
1245350
x-xss-protection
1;mode-block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
etag
W/"4ca3b5-49773873e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
5ea89982dc55e553e6f3cf1cb735f398
cache-control
public, max-age=0
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
language-package
api.tribecrm.nl/public/welcome/ 		195 KB
56 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.tribecrm.nl/public/welcome/language-package
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/static/js/9.789e8312.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
73ad1394f2054a7e765d3884caba2f1b1ded66cf8a2993b093a1f7a91acbe574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Client-Language
en
Referer
https://portal.laadpunt.nl/
Connection-Id
a25ef70e-0eea-43f2-a62d-c73522255bcb
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8;

Response headers

date
Fri, 22 Mar 2024 17:30:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-powered-by
Tribe CRM
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1;mode-block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://portal.laadpunt.nl
access-control-expose-headers
Content-Disposition
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
0
setting-package
api.tribecrm.nl/public/welcome/ 		29 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.tribecrm.nl/public/welcome/setting-package
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/static/js/9.789e8312.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
2035af87a60c6fa155ca6d14a71eeaa9086e4b55b679c0713db5383d1adc154f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Client-Language
en
Referer
https://portal.laadpunt.nl/
Connection-Id
a25ef70e-0eea-43f2-a62d-c73522255bcb
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8;

Response headers

date
Fri, 22 Mar 2024 17:30:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-powered-by
Tribe CRM
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1;mode-block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://portal.laadpunt.nl
access-control-expose-headers
Content-Disposition
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
0
states
api.tribecrm.nl/public/welcome/metadata/pack/ 		21 B
74 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.tribecrm.nl/public/welcome/metadata/pack/states
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/static/js/9.789e8312.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
45b93ccefd22e5ec4796dc8d5173e3060566fec357528dfe20b3bd814d9bc430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Client-Language
en
Referer
https://portal.laadpunt.nl/
Connection-Id
a25ef70e-0eea-43f2-a62d-c73522255bcb
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8;

Response headers

date
Fri, 22 Mar 2024 17:30:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-powered-by
Tribe CRM
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1;mode-block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://portal.laadpunt.nl
access-control-expose-headers
Content-Disposition
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
0
user
api.tribecrm.nl/public/welcome/ 		11 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.tribecrm.nl/public/welcome/user
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/static/js/9.789e8312.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Client-Language
en
Referer
https://portal.laadpunt.nl/
Connection-Id
a25ef70e-0eea-43f2-a62d-c73522255bcb
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8;

Response headers

date
Fri, 22 Mar 2024 17:30:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-powered-by
Tribe CRM
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1;mode-block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://portal.laadpunt.nl
access-control-expose-headers
Content-Disposition
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
0
team
api.tribecrm.nl/public/welcome/ 		11 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.tribecrm.nl/public/welcome/team
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/static/js/9.789e8312.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Client-Language
en
Referer
https://portal.laadpunt.nl/
Connection-Id
a25ef70e-0eea-43f2-a62d-c73522255bcb
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8;

Response headers

date
Fri, 22 Mar 2024 17:30:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-powered-by
Tribe CRM
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1;mode-block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://portal.laadpunt.nl
access-control-expose-headers
Content-Disposition
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
0
contract
api.tribecrm.nl/public/welcome/ 		11 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.tribecrm.nl/public/welcome/contract
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/static/js/9.789e8312.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Client-Language
en
Referer
https://portal.laadpunt.nl/
Connection-Id
a25ef70e-0eea-43f2-a62d-c73522255bcb
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8;

Response headers

date
Fri, 22 Mar 2024 17:30:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-powered-by
Tribe CRM
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1;mode-block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://portal.laadpunt.nl
access-control-expose-headers
Content-Disposition
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
0
currencies
api.tribecrm.nl/public/welcome/ 		172 B
185 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.tribecrm.nl/public/welcome/currencies
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/static/js/9.789e8312.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
2cd021aa85dac66011a8607390236687408255bc538a8d1e4745cf0786beb7b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Client-Language
en
Referer
https://portal.laadpunt.nl/
Connection-Id
a25ef70e-0eea-43f2-a62d-c73522255bcb
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8;

Response headers

date
Fri, 22 Mar 2024 17:30:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-powered-by
Tribe CRM
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1;mode-block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://portal.laadpunt.nl
access-control-expose-headers
Content-Disposition
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
0
language-package
api.tribecrm.nl/public/welcome/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.tribecrm.nl/public/welcome/language-package
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Accept
*/*
Access-Control-Request-Headers
client-language,connection-id
Access-Control-Request-Method
GET
Origin
https://portal.laadpunt.nl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
client-language, connection-id
access-control-allow-methods
GET
access-control-allow-origin
https://portal.laadpunt.nl
access-control-expose-headers
Content-Disposition
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 22 Mar 2024 17:30:21 GMT
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Tribe CRM
x-xss-protection
1;mode-block
setting-package
api.tribecrm.nl/public/welcome/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.tribecrm.nl/public/welcome/setting-package
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Accept
*/*
Access-Control-Request-Headers
client-language,connection-id
Access-Control-Request-Method
GET
Origin
https://portal.laadpunt.nl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
client-language, connection-id
access-control-allow-methods
GET
access-control-allow-origin
https://portal.laadpunt.nl
access-control-expose-headers
Content-Disposition
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 22 Mar 2024 17:30:21 GMT
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Tribe CRM
x-xss-protection
1;mode-block
states
api.tribecrm.nl/public/welcome/metadata/pack/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.tribecrm.nl/public/welcome/metadata/pack/states
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Accept
*/*
Access-Control-Request-Headers
client-language,connection-id
Access-Control-Request-Method
GET
Origin
https://portal.laadpunt.nl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
client-language, connection-id
access-control-allow-methods
GET
access-control-allow-origin
https://portal.laadpunt.nl
access-control-expose-headers
Content-Disposition
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 22 Mar 2024 17:30:22 GMT
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Tribe CRM
x-xss-protection
1;mode-block
user
api.tribecrm.nl/public/welcome/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.tribecrm.nl/public/welcome/user
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Accept
*/*
Access-Control-Request-Headers
client-language,connection-id
Access-Control-Request-Method
GET
Origin
https://portal.laadpunt.nl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
client-language, connection-id
access-control-allow-methods
GET
access-control-allow-origin
https://portal.laadpunt.nl
access-control-expose-headers
Content-Disposition
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 22 Mar 2024 17:30:21 GMT
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Tribe CRM
x-xss-protection
1;mode-block
team
api.tribecrm.nl/public/welcome/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.tribecrm.nl/public/welcome/team
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Accept
*/*
Access-Control-Request-Headers
client-language,connection-id
Access-Control-Request-Method
GET
Origin
https://portal.laadpunt.nl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
client-language, connection-id
access-control-allow-methods
GET
access-control-allow-origin
https://portal.laadpunt.nl
access-control-expose-headers
Content-Disposition
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 22 Mar 2024 17:30:22 GMT
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Tribe CRM
x-xss-protection
1;mode-block
contract
api.tribecrm.nl/public/welcome/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.tribecrm.nl/public/welcome/contract
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Accept
*/*
Access-Control-Request-Headers
client-language,connection-id
Access-Control-Request-Method
GET
Origin
https://portal.laadpunt.nl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
client-language, connection-id
access-control-allow-methods
GET
access-control-allow-origin
https://portal.laadpunt.nl
access-control-expose-headers
Content-Disposition
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 22 Mar 2024 17:30:22 GMT
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Tribe CRM
x-xss-protection
1;mode-block
currencies
api.tribecrm.nl/public/welcome/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.tribecrm.nl/public/welcome/currencies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Accept
*/*
Access-Control-Request-Headers
client-language,connection-id
Access-Control-Request-Method
GET
Origin
https://portal.laadpunt.nl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
client-language, connection-id
access-control-allow-methods
GET
access-control-allow-origin
https://portal.laadpunt.nl
access-control-expose-headers
Content-Disposition
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 22 Mar 2024 17:30:22 GMT
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Tribe CRM
x-xss-protection
1;mode-block
47.a4c24a1a.chunk.js
portal.laadpunt.nl/static/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.laadpunt.nl/static/js/47.a4c24a1a.chunk.js
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/static/js/runtime-main.d4cbbddf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.51 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f19.1e100.net
Software
Google Frontend / Express
Resource Hash
846136128682cc6f1004f09ed074d5e6c22bd451279a744fbf5a7b563c00b45f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-jmsjbSgW3rYJxhhSiTHZdg==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode-block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://portal.laadpunt.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-jmsjbSgW3rYJxhhSiTHZdg==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 17:30:22 GMT
content-encoding
gzip
x-powered-by
Express
content-length
2904
x-xss-protection
1;mode-block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
etag
W/"2369-49773873e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
3db79369cdd0b823539c6cb81f4660f4;o=1
cache-control
public, max-age=0
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
1.84afa99c.chunk.js
portal.laadpunt.nl/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.laadpunt.nl/static/js/1.84afa99c.chunk.js
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/static/js/runtime-main.d4cbbddf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.51 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f19.1e100.net
Software
Google Frontend / Express
Resource Hash
ab7c3eec72970f60e4e2c0e9f856f0e86862142a4ecbafe8600cd7de97faa7a5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-9cNev3+wn3p6xfpUozw5hw==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode-block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://portal.laadpunt.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-9cNev3+wn3p6xfpUozw5hw==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 17:30:23 GMT
content-encoding
gzip
x-powered-by
Express
content-length
1212
x-xss-protection
1;mode-block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
etag
W/"d26-49773873e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
a60209f880624ee3013880e20c7ab033
cache-control
public, max-age=0
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
authenticationEntryPoint
api.tribecrm.nl/ 		278 B
263 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.tribecrm.nl/authenticationEntryPoint
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/static/js/9.789e8312.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Client-Language
en
Referer
https://portal.laadpunt.nl/
Connection-Id
a25ef70e-0eea-43f2-a62d-c73522255bcb
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8;

Response headers

date
Fri, 22 Mar 2024 17:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-powered-by
Tribe CRM
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1;mode-block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://portal.laadpunt.nl
access-control-expose-headers
Content-Disposition
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
0
authenticationEntryPoint
api.tribecrm.nl/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.tribecrm.nl/authenticationEntryPoint
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Accept
*/*
Access-Control-Request-Headers
client-language,connection-id
Access-Control-Request-Method
GET
Origin
https://portal.laadpunt.nl
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
client-language, connection-id
access-control-allow-methods
GET
access-control-allow-origin
https://portal.laadpunt.nl
access-control-expose-headers
Content-Disposition
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 22 Mar 2024 17:30:23 GMT
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Tribe CRM
x-xss-protection
1;mode-block
login
auth.tribecrm.nl/
Redirect Chain
  • https://auth.tribecrm.nl/oauth2/auth?client_id=54fb5655-1359-4d7e-9187-bde1474538da&redirect_uri=https%3A%2F%2Fportal.laadpunt.nl%2Fauth%2Fcallback&response_type=code&scope=openid%20read&state=9eba...
  • https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
Requested by
Host: portal.laadpunt.nl
URL: https://portal.laadpunt.nl/static/js/main.2e7f72ed.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
f8048ad269a8cd38535fc1312e3a40b96744347d6209a68caf10efd266034e63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

Referer
https://portal.laadpunt.nl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3269
content-type
text/html; charset=utf-8
date
Fri, 22 Mar 2024 17:30:26 GMT
etag
W/"cc5-UsxzdY7MoZGmUCPOeWJksHs+/mU"
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Tribe CRM
x-xss-protection
1;mode-block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102
content-type
text/html; charset=utf-8
date
Fri, 22 Mar 2024 17:30:26 GMT
location
https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
via
1.1 google
css
fonts.googleapis.com/ 		9 KB
864 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: auth.tribecrm.nl
URL: https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Mar 2024 17:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 16:48:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Mar 2024 17:30:26 GMT
icon
fonts.googleapis.com/ 		569 B
462 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: auth.tribecrm.nl
URL: https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Mar 2024 17:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 17:30:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Mar 2024 17:30:26 GMT
main.19393e92.chunk.css
auth.tribecrm.nl/static/css/ 		994 B
1018 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.tribecrm.nl/static/css/main.19393e92.chunk.css
Requested by
Host: auth.tribecrm.nl
URL: https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
86b14582d853ff585fa9a776561bec1ecfb397acf694f66deafd225e48f138f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 17:30:26 GMT
via
1.1 google
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Tribe CRM
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
994
x-xss-protection
1;mode-block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Dec 2023 08:56:28 GMT
server
Tribe CRM Backend
etag
W/"3e2-18c8670ca60"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
2.1df989df.chunk.js
auth.tribecrm.nl/static/js/ 		415 KB
415 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.tribecrm.nl/static/js/2.1df989df.chunk.js
Requested by
Host: auth.tribecrm.nl
URL: https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
7053234845d5b6dcd68138ec7531d4159f81565f39bda0a89b231e642880b921
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 17:30:26 GMT
via
1.1 google
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Tribe CRM
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
425294
x-xss-protection
1;mode-block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Dec 2023 08:56:28 GMT
server
Tribe CRM Backend
etag
W/"67d4e-18c8670ca60"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
main.149155b7.chunk.js
auth.tribecrm.nl/static/js/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.tribecrm.nl/static/js/main.149155b7.chunk.js
Requested by
Host: auth.tribecrm.nl
URL: https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
0f94c70192a7e1f6d92ceef8c20e48adda2751dee62717bacf8ceaaf90f17f9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 17:30:26 GMT
via
1.1 google
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Tribe CRM
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26588
x-xss-protection
1;mode-block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Dec 2023 08:56:28 GMT
server
Tribe CRM Backend
etag
W/"67dc-18c8670ca60"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
portal-theme
auth.tribecrm.nl/ 		420 B
441 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.tribecrm.nl/portal-theme?organization_id=dc8dcde7-6fdd-47e2-86d7-c59c8c786d85&portal_id=adfcc8ab-8e72-41f6-8360-adfd9f032821
Requested by
Host: auth.tribecrm.nl
URL: https://auth.tribecrm.nl/static/js/main.149155b7.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
c7f34c9303e328594456bdc8e8aca5badea8798512e3114fa99b017b482e592d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 17:30:27 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
server
Tribe CRM Backend
x-content-type-options
nosniff
x-powered-by
Tribe CRM
etag
W/"1a4-x4JYJQAAz2I32EwxAPjmvCckSIs"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
420
x-xss-protection
1;mode-block
strategy
auth.tribecrm.nl/ 		215 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.tribecrm.nl/strategy?login_challenge=13c59c676244437ea0bbc7486d5697f7&organization_id=dc8dcde7-6fdd-47e2-86d7-c59c8c786d85&portal_id=adfcc8ab-8e72-41f6-8360-adfd9f032821
Requested by
Host: auth.tribecrm.nl
URL: https://auth.tribecrm.nl/static/js/main.149155b7.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 17:30:28 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
server
Tribe CRM Backend
x-content-type-options
nosniff
x-powered-by
Tribe CRM
x-frame-options
SAMEORIGIN
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1;mode-block
logo
api.tribecrm.nl/public/portal/theme/dc8dcde7-6fdd-47e2-86d7-c59c8c786d85/adfcc8ab-8e72-41f6-8360-adfd9f032821/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.tribecrm.nl/public/portal/theme/dc8dcde7-6fdd-47e2-86d7-c59c8c786d85/adfcc8ab-8e72-41f6-8360-adfd9f032821/logo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e3b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Tribe CRM Backend / Tribe CRM
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode-block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 17:30:27 GMT
via
1.1 google
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Tribe CRM
content-disposition
attachment; filename="logoLaadpunt171115-1_002.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1;mode-block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
x-frame-options
SAMEORIGIN
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
image/png
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
0
gb.png
flagcdn.com/16x12/ 		645 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flagcdn.com/16x12/gb.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:ac03 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 17:30:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2076647
alt-svc
h3=":443"; ma=86400
content-length
645
last-modified
Wed, 03 Jan 2024 11:10:30 GMT
server
cloudflare
etag
"659540a6-285"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ba5FELJSySpGKqoiTAX6WQoZnhouyMBjz5ZF3Zss0dygP9R0L8xxxs4kVU78FdjIueFzXyYH2GIe2AZTnL6NFfPmqumaH6j7iExPxbnJDzjprJ%2BR7kBCpeEwJy%2F740mj5a%2FtEPRjCFH9hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-maxage=2678400
accept-ranges
bytes
cf-ray
8687e8eb29ba334f-MIA
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://auth.tribecrm.nl
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 09:13:39 GMT
x-content-type-options
nosniff
age
202610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Mar 2025 09:13:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://auth.tribecrm.nl
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 08:56:32 GMT
x-content-type-options
nosniff
age
203637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Mar 2025 08:56:32 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://auth.tribecrm.nl
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 08:52:30 GMT
x-content-type-options
nosniff
age
203879
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Mar 2025 08:52:30 GMT
authorize
login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/
Redirect Chain
  • https://auth.tribecrm.nl/strategy/openidconnect?username=undefined&organizationId=dc8dcde7-6fdd-47e2-86d7-c59c8c786d85
  • https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3-297a-438e-bafa-5c70dbff7e3e&redirect_uri=https%3A%2F%2Fauth.tribec...
20 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3-297a-438e-bafa-5c70dbff7e3e&redirect_uri=https%3A%2F%2Fauth.tribecrm.nl%2Fstrategy%2Fopenidconnect%2Fcallback&scope=openid&state=YCjJ4F2FTRPC0s3xRrp7kQHf
Requested by
Host: auth.tribecrm.nl
URL: https://auth.tribecrm.nl/static/js/main.149155b7.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1036:3000:10::5 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a585fe66e603d00237e223a8294e964736648c9d26a4e8f5ae5e634c6791821
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auth.tribecrm.nl/login?login_challenge=13c59c676244437ea0bbc7486d5697f7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
8863
Content-Type
text/html; charset=utf-8
Date
Fri, 22 Mar 2024 17:30:29 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server
2.1.17573.7 - SEC ProdSlices
x-ms-request-id
533bf1ee-b2ba-40f4-a2a9-75c229564d00

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 22 Mar 2024 17:30:29 GMT
location
https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3-297a-438e-bafa-5c70dbff7e3e&redirect_uri=https%3A%2F%2Fauth.tribecrm.nl%2Fstrategy%2Fopenidconnect%2Fcallback&scope=openid&state=YCjJ4F2FTRPC0s3xRrp7kQHf
referrer-policy
no-referrer-when-downgrade
server
Tribe CRM Backend
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Tribe CRM
x-xss-protection
1;mode-block
BssoInterrupt_Core_GW4zPEKtwiiwtRHaCqGPVw2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_GW4zPEKtwiiwtRHaCqGPVw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3-297a-438e-bafa-5c70dbff7e3e&redirect_uri=https%3A%2F%2Fauth.tribecrm.nl%2Fstrategy%2Fopenidconnect%2Fcallback&scope=openid&state=YCjJ4F2FTRPC0s3xRrp7kQHf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1062:10:25::1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 22 Mar 2024 17:30:30 GMT
content-encoding
gzip
x-azure-ref-originshield
0GFT5ZQAAAABzCRGNGhqMTYKzIHITnhTsTU5aMjIxMDYwNjExMDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
SLOVud8XL8LSxCXtE2EZYg==
x-cache
TCP_HIT
content-length
49608
x-ms-lease-status
unlocked
last-modified
Thu, 15 Feb 2024 19:13:24 GMT
etag
0x8DC2E5A2EB17559
x-azure-ref
0N8D9ZQAAAAB2Yu+nk8SySJBDuSsPc4zGWVRPMjIxMDkwODIwMDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d04cd561-901e-000f-0c21-786c81000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Primary Request authorize
login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/ 		38 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3-297a-438e-bafa-5c70dbff7e3e&redirect_uri=https%3A%2F%2Fauth.tribecrm.nl%2Fstrategy%2Fopenidconnect%2Fcallback&scope=openid&state=YCjJ4F2FTRPC0s3xRrp7kQHf&sso_reload=true
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_GW4zPEKtwiiwtRHaCqGPVw2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1036:3000:10::5 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c778ceee4567b0f66598c4bcde6d7cb1dead99307441c471a27ba054e82a8165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3-297a-438e-bafa-5c70dbff7e3e&redirect_uri=https%3A%2F%2Fauth.tribecrm.nl%2Fstrategy%2Fopenidconnect%2Fcallback&scope=openid&state=YCjJ4F2FTRPC0s3xRrp7kQHf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
14372
Content-Type
text/html; charset=utf-8
Date
Fri, 22 Mar 2024 17:30:30 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server
2.1.17573.7 - NEULR1 ProdSlices
x-ms-request-id
28f33ee1-72f7-4b84-9049-931c0c8d5500
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		110 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3-297a-438e-bafa-5c70dbff7e3e&redirect_uri=https%3A%2F%2Fauth.tribecrm.nl%2Fstrategy%2Fopenidconnect%2Fcallback&scope=openid&state=YCjJ4F2FTRPC0s3xRrp7kQHf&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1062:10:25::1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 22 Mar 2024 17:30:31 GMT
content-encoding
gzip
x-azure-ref-originshield
06SD8ZQAAAAArvUy6h+edRYeImX8D5n3WTU5aMjIxMDYwNjExMDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
kqhA3D0Xczna4D/t8ioitQ==
x-cache
TCP_HIT
content-length
20314
x-ms-lease-status
unlocked
last-modified
Wed, 27 Dec 2023 18:18:12 GMT
etag
0x8DC07082FBB8D2B
x-azure-ref
0N8D9ZQAAAADrkw08Ol1zQoTi3W+lqXzvWVRPMjIxMDkwODIwMDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
838e353e-501e-003f-0522-7b4d90000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ConvergedLogin_PCore_Hl2bk1L3qQZ3wvMD_PMo5Q2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		433 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Hl2bk1L3qQZ3wvMD_PMo5Q2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3-297a-438e-bafa-5c70dbff7e3e&redirect_uri=https%3A%2F%2Fauth.tribecrm.nl%2Fstrategy%2Fopenidconnect%2Fcallback&scope=openid&state=YCjJ4F2FTRPC0s3xRrp7kQHf&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1062:10:25::1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
db3796e88a754f03f8b3732c4cc9d5e1cf94e30b6c775e4b088bc3e64a77222b

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 22 Mar 2024 17:30:31 GMT
content-encoding
gzip
x-azure-ref-originshield
07B78ZQAAAAAbSVlHaE0hTIFnyvITU1tzTU5aMjIxMDYwNjEyMDI5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
1uzPl8n+Ut+zC4UAn8LmMw==
x-cache
TCP_HIT
content-length
120838
x-ms-lease-status
unlocked
last-modified
Tue, 27 Feb 2024 20:32:40 GMT
etag
0x8DC37D33E70E667
x-azure-ref
0N8D9ZQAAAADzW1GrQ3BHSK6ohEToTAuaWVRPMjIxMDkwODIwMDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a292995e-001e-005a-522c-7988b8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-en.min_pevuvrbnnz-5coi_b4jtbw2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_pevuvrbnnz-5coi_b4jtbw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3-297a-438e-bafa-5c70dbff7e3e&redirect_uri=https%3A%2F%2Fauth.tribecrm.nl%2Fstrategy%2Fopenidconnect%2Fcallback&scope=openid&state=YCjJ4F2FTRPC0s3xRrp7kQHf&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1062:10:25::1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
30ff8ef06932efa5ba690bf160eea1fc719d3f2a3d756bd3a9b4c837f7220b0c

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 22 Mar 2024 17:30:31 GMT
content-encoding
gzip
x-azure-ref-originshield
0vsL4ZQAAAADfEl/G/x6rQZueKTpPtgxYTU5aMjIxMDYwNjEyMDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
CWi6wHL02j8bOmrVCAJelA==
x-cache
TCP_HIT
content-length
15778
x-ms-lease-status
unlocked
last-modified
Sat, 17 Feb 2024 05:09:10 GMT
etag
0x8DC2F7693532D17
x-azure-ref
0N8D9ZQAAAABCLVa3+5dtTKlnshiLp4vpWVRPMjIxMDkwODIwMDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3a70150c-c01e-006a-3d81-79a9a9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3-297a-438e-bafa-5c70dbff7e3e&redirect_uri=https%3A%2F%2Fauth.tribecrm.nl%2Fstrategy%2Fopenidconnect%2Fcallback&scope=openid&state=YCjJ4F2FTRPC0s3xRrp7kQHf&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.151.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		219 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Hl2bk1L3qQZ3wvMD_PMo5Q2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1062:10:25::1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
df2e852c347ecf82f70a0c8a4b91713fbb0914d58f2cbab01316bfe646abee7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 22 Mar 2024 17:30:31 GMT
content-encoding
gzip
x-azure-ref-originshield
0N/r5ZQAAAAAW29mGOLpBTJXLFXqVjuwmTU5aMjIxMDYwNjEyMDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
eZ+IAUPxfkfE79uz/zWlTA==
x-cache
TCP_HIT
content-length
54325
x-ms-lease-status
unlocked
last-modified
Thu, 15 Feb 2024 19:13:15 GMT
etag
0x8DC2E5A2998EB1D
x-azure-ref
0OMD9ZQAAAAA6lzK/zULTRbqKNec6KPrzWVRPMjIxMDkwODE5MDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4d80184e-b01e-0075-1844-769094000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ 		2 KB
1022 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1062:10:25::1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 22 Mar 2024 17:30:31 GMT
content-encoding
gzip
x-azure-ref-originshield
0FeLyZQAAAAB8mYXJeRYWQ6VRM+GAiAXwTU5aMjIxMDYwNjExMDQ3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
DhdidjYrlCeaRJJRG/y9mA==
x-cache
TCP_HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:46 GMT
etag
0x8DB5C3F47E260FD
x-azure-ref
0OMD9ZQAAAACraaiWsfafSJtLl12H7TWSWVRPMjIxMDkwODE5MDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d18d19e5-401e-0062-1dfb-75f1b8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
bannerlogo
aadcdn.msauthimages.net/c1c6b6c8-llmtedivrs9bjlx7ozyms8fdbcfwxr-iknrbcew39om/logintenantbranding/0/ 		0
0
convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Hl2bk1L3qQZ3wvMD_PMo5Q2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1062:10:25::1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7530b843a86f3155ce07cda787a40da87052664b09c22f3d4db5e9238664dbe0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 22 Mar 2024 17:30:31 GMT
content-encoding
gzip
x-azure-ref-originshield
0LfX4ZQAAAAD8PCGpjzMjRIeu8vv8uFP7TU5aMjIxMDYwNjEyMDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
V5EQEHVskNWHVMke8e4nZQ==
x-cache
TCP_HIT
content-length
35813
x-ms-lease-status
unlocked
last-modified
Thu, 15 Feb 2024 19:13:16 GMT
etag
0x8DC2E5A29EDB0A1
x-azure-ref
0OMD9ZQAAAABsN36L4pVDQJhJ3oPVMRZZWVRPMjIxMDkwODE5MDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bfa03c5c-601e-0018-6856-780dad000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msauth.net/shared/1.0/content/images/ 		2 KB
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1062:10:25::1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 22 Mar 2024 17:30:32 GMT
content-encoding
gzip
x-azure-ref-originshield
0r/r5ZQAAAAB7fsbyE3KeTYQyEzXSW0XeTU5aMjIxMDYwNjEyMDQ1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
R2FAVxfpONfnQAuxVxXbHg==
x-cache
TCP_HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:49 GMT
etag
0x8DB5C3F49ED96E0
x-azure-ref
0OcD9ZQAAAADAko5vm7Z5Q6n7CNxE74X3WVRPMjIxMDkwODE5MDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
84b176ff-b01e-000d-5251-773a85000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aadcdn.msauthimages.net
URL
https://aadcdn.msauthimages.net/c1c6b6c8-llmtedivrs9bjlx7ozyms8fdbcfwxr-iknrbcew39om/logintenantbranding/0/bannerlogo?ts=636592070410477843

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
portal.laadpunt.nl/ Name: state_token
Value: 9eba0983-8787-432f-aaa1-34de46e0c7df
auth.tribecrm.nl/ Name: oauth2_authentication_csrf
Value: MTcxMTEyODYyNnxEdi1CQkFFQ180SUFBUkFCRUFBQVB2LUNBQUVHYzNSeWFXNW5EQVlBQkdOemNtWUdjM1J5YVc1bkRDSUFJRGN4T0RrNVlqUmhOekJtTlRSalpUVTRNbU16TjJVMFpqRTFOakpsWkdJenzwtKnCVk6dDvZX4QpZilCHiduw3X437W9Fb5Or32fCow==
auth.tribecrm.nl/ Name: _csrf
Value: omzjV2nCbEqErOO3oeqAsyKn
auth.tribecrm.nl/ Name: connect.sid
Value: s%3AL-93kpoj52RtAL6nmCoLZGcBEx5glqm6.qE2gcpwObUSlaXu4QoIqE%2BbamF6Mi3r5XVIgcSPsArI

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
other warning URL: https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3-297a-438e-bafa-5c70dbff7e3e&redirect_uri=https%3A%2F%2Fauth.tribecrm.nl%2Fstrategy%2Fopenidconnect%2Fcallback&scope=openid&state=YCjJ4F2FTRPC0s3xRrp7kQHf&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.microsoftonline.com/6aa5c7ef-73a6-48f1-a7d8-360b2610d0c7/oauth2/v2.0/authorize?response_type=code&client_id=1e3dd0d3-297a-438e-bafa-5c70dbff7e3e&redirect_uri=https%3A%2F%2Fauth.tribecrm.nl%2Fstrategy%2Fopenidconnect%2Fcallback&scope=openid&state=YCjJ4F2FTRPC0s3xRrp7kQHf&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-/dnQucuFdLWRNxXSqMlA9Q==' https://*.googleapis.com ; connect-src 'self' blob: https://api.tribecrm.nl wss://api.tribecrm.nl https://auth.tribecrm.nl https://logging.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://europe-west1-tribecrm-production.cloudfunctions.net https://*.googleapis.com https://*.google.com https://*.gstatic.com ; img-src 'self' blob: data: https://api.tribecrm.nl https://europe-west1-tribecrm-production.cloudfunctions.net https://flagcdn.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.googleusercontent.com ; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; frame-src 'self' https://html-viewer-dot-tribecrm-production.appspot.com https://www.youtube.com ; form-action 'self' https://api.tribecrm.nl; frame-ancestors 'self' https://mail.google.com; base-uri 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode-block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
api.tribecrm.nl
auth.tribecrm.nl
flagcdn.com
fonts.googleapis.com
fonts.gstatic.com
login.live.com
login.microsoftonline.com
portal.laadpunt.nl
aadcdn.msauthimages.net
142.250.80.51
20.190.151.133
2600:1901:0:e3b9::
2603:1036:3000:10::5
2603:1062:10:25::1
2606:4700:e4::ac40:ac03
2607:f8b0:4006:80b::200a
2607:f8b0:4006:822::2003
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
0f94c70192a7e1f6d92ceef8c20e48adda2751dee62717bacf8ceaaf90f17f9c
2035af87a60c6fa155ca6d14a71eeaa9086e4b55b679c0713db5383d1adc154f
2cd021aa85dac66011a8607390236687408255bc538a8d1e4745cf0786beb7b0
30ff8ef06932efa5ba690bf160eea1fc719d3f2a3d756bd3a9b4c837f7220b0c
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
45b93ccefd22e5ec4796dc8d5173e3060566fec357528dfe20b3bd814d9bc430
46ce4b49297a7b60d67e831c05370a9b9bfbda619fca005ffba5a03ab632a00f
4a585fe66e603d00237e223a8294e964736648c9d26a4e8f5ae5e634c6791821
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
5e36a2f95b51815233bbedaca8447b92ee0f8f34c4c3d9b450b2173c5b6e28cc
6628f5eb6eabdd699b7bffbbc15dc6a04e27dc26629a73e3b8f84858b6d33421
7053234845d5b6dcd68138ec7531d4159f81565f39bda0a89b231e642880b921
73ad1394f2054a7e765d3884caba2f1b1ded66cf8a2993b093a1f7a91acbe574
7530b843a86f3155ce07cda787a40da87052664b09c22f3d4db5e9238664dbe0
846136128682cc6f1004f09ed074d5e6c22bd451279a744fbf5a7b563c00b45f
86b14582d853ff585fa9a776561bec1ecfb397acf694f66deafd225e48f138f7
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9d9e2b1b1b516dd0e39ff9ebc6c9ced112bf424ea28b8b4030f2d336e968a0a0
ab7c3eec72970f60e4e2c0e9f856f0e86862142a4ecbafe8600cd7de97faa7a5
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
c45e112c4ef9f369bc67cf449176fba98e2c01e604f887fe38084305e0e92711
c778ceee4567b0f66598c4bcde6d7cb1dead99307441c471a27ba054e82a8165
c7f34c9303e328594456bdc8e8aca5badea8798512e3114fa99b017b482e592d
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
db3796e88a754f03f8b3732c4cc9d5e1cf94e30b6c775e4b088bc3e64a77222b
df2e852c347ecf82f70a0c8a4b91713fbb0914d58f2cbab01316bfe646abee7c
e889390fe2305dd065756a0fb443395225015ad29d5cc9515cccbcff50824933
f77727e8faa05a45342eb5f6ec3be19351414480199f9c5768044fc294ff993a
f8048ad269a8cd38535fc1312e3a40b96744347d6209a68caf10efd266034e63